<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
    <title>ActionDispatch::Http::FilterParameters</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <link rel="stylesheet" href="../../../css/reset.css" type="text/css" media="screen" />
<link rel="stylesheet" href="../../../css/main.css" type="text/css" media="screen" />
<link rel="stylesheet" href="../../../css/github.css" type="text/css" media="screen" />
<script src="../../../js/jquery-1.3.2.min.js" type="text/javascript" charset="utf-8"></script>
<script src="../../../js/jquery-effect.js" type="text/javascript" charset="utf-8"></script>
<script src="../../../js/main.js" type="text/javascript" charset="utf-8"></script>
<script src="../../../js/highlight.pack.js" type="text/javascript" charset="utf-8"></script>

</head>

<body>     
    <div class="banner">
        
            <span>Ruby on Rails v4.0.0</span><br />
        
        <h1>
            <span class="type">Module</span> 
            ActionDispatch::Http::FilterParameters 
            
        </h1>
        <ul class="files">
            
            <li><a href="../../../files/actionpack/lib/action_dispatch/http/filter_parameters_rb.html">actionpack/lib/action_dispatch/http/filter_parameters.rb</a></li>
            
        </ul>
    </div>
    <div id="bodyContent">
        <div id="content">
  
    <div class="description">
      
<p>Allows you to specify sensitive parameters which will be replaced from the
request log by looking in the query string of the request and all subhashes
of the params hash to filter. If a block is given, each key and value of
the params hash and all subhashes is passed to it, the value or key can be
replaced using String#replace or similar method.</p>

<pre class="ruby"><span class="ruby-identifier">env</span>[<span class="ruby-string">&quot;action_dispatch.parameter_filter&quot;</span>] = [:<span class="ruby-identifier">password</span>]
=<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">replaces</span> <span class="ruby-identifier">the</span> <span class="ruby-identifier">value</span> <span class="ruby-identifier">to</span> <span class="ruby-identifier">all</span> <span class="ruby-identifier">keys</span> <span class="ruby-identifier">matching</span> <span class="ruby-regexp">/password/</span> <span class="ruby-identifier">with</span> <span class="ruby-string">&quot;[FILTERED]&quot;</span>

<span class="ruby-identifier">env</span>[<span class="ruby-string">&quot;action_dispatch.parameter_filter&quot;</span>] = [:<span class="ruby-identifier">foo</span>, <span class="ruby-string">&quot;bar&quot;</span>]
=<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">replaces</span> <span class="ruby-identifier">the</span> <span class="ruby-identifier">value</span> <span class="ruby-identifier">to</span> <span class="ruby-identifier">all</span> <span class="ruby-identifier">keys</span> <span class="ruby-identifier">matching</span> <span class="ruby-regexp">/foo|bar/</span> <span class="ruby-identifier">with</span> <span class="ruby-string">&quot;[FILTERED]&quot;</span>

<span class="ruby-identifier">env</span>[<span class="ruby-string">&quot;action_dispatch.parameter_filter&quot;</span>] = <span class="ruby-identifier">lambda</span> <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">k</span>,<span class="ruby-identifier">v</span><span class="ruby-operator">|</span>
  <span class="ruby-identifier">v</span>.<span class="ruby-identifier">reverse!</span> <span class="ruby-keyword">if</span> <span class="ruby-identifier">k</span> <span class="ruby-operator">=~</span> <span class="ruby-regexp">/secret/</span>
<span class="ruby-keyword">end</span>
=<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">reverses</span> <span class="ruby-identifier">the</span> <span class="ruby-identifier">value</span> <span class="ruby-identifier">to</span> <span class="ruby-identifier">all</span> <span class="ruby-identifier">keys</span> <span class="ruby-identifier">matching</span> <span class="ruby-regexp">/secret/</span>
</pre>

    </div>
  


  


  
  


  


  
    <!-- Method ref -->
    <div class="sectiontitle">Methods</div>
    <dl class="methods">
      
        <dt>E</dt>
        <dd>
          <ul>
            
              
              <li>
                <a href="FilterParameters.html#method-i-env_filter">env_filter</a>
              </li>
            
          </ul>
        </dd>
      
        <dt>F</dt>
        <dd>
          <ul>
            
              
              <li>
                <a href="FilterParameters.html#method-i-filtered_env">filtered_env</a>,
              </li>
            
              
              <li>
                <a href="FilterParameters.html#method-i-filtered_parameters">filtered_parameters</a>,
              </li>
            
              
              <li>
                <a href="FilterParameters.html#method-i-filtered_path">filtered_path</a>,
              </li>
            
              
              <li>
                <a href="FilterParameters.html#method-i-filtered_query_string">filtered_query_string</a>
              </li>
            
          </ul>
        </dd>
      
        <dt>N</dt>
        <dd>
          <ul>
            
              
              <li>
                <a href="FilterParameters.html#method-c-new">new</a>
              </li>
            
          </ul>
        </dd>
      
        <dt>P</dt>
        <dd>
          <ul>
            
              
              <li>
                <a href="FilterParameters.html#method-i-parameter_filter">parameter_filter</a>,
              </li>
            
              
              <li>
                <a href="FilterParameters.html#method-i-parameter_filter_for">parameter_filter_for</a>
              </li>
            
          </ul>
        </dd>
      
    </dl>
  

  



  

    

    

    
      <!-- Section constants -->
      <div class="sectiontitle">Constants</div>
      <table border='0' cellpadding='5'>
        
          <tr valign='top'>
            <td class="attr-name">ENV_MATCH</td>
            <td>=</td>
            <td class="attr-value">[/RAW_POST_DATA/, &quot;rack.request.form_vars&quot;]</td>
          </tr>
          
            <tr valign='top'>
              <td>&nbsp;</td>
              <td colspan="2" class="attr-desc"></td>
            </tr>
          
        
          <tr valign='top'>
            <td class="attr-name">NULL_PARAM_FILTER</td>
            <td>=</td>
            <td class="attr-value">ParameterFilter.new</td>
          </tr>
          
            <tr valign='top'>
              <td>&nbsp;</td>
              <td colspan="2" class="attr-desc"></td>
            </tr>
          
        
          <tr valign='top'>
            <td class="attr-name">NULL_ENV_FILTER</td>
            <td>=</td>
            <td class="attr-value">ParameterFilter.new ENV_MATCH</td>
          </tr>
          
            <tr valign='top'>
              <td>&nbsp;</td>
              <td colspan="2" class="attr-desc"></td>
            </tr>
          
        
          <tr valign='top'>
            <td class="attr-name">KV_RE</td>
            <td>=</td>
            <td class="attr-value">'[^&amp;;=]+'</td>
          </tr>
          
            <tr valign='top'>
              <td>&nbsp;</td>
              <td colspan="2" class="attr-desc"></td>
            </tr>
          
        
          <tr valign='top'>
            <td class="attr-name">PAIR_RE</td>
            <td>=</td>
            <td class="attr-value">%r{(#{KV_RE})=(#{KV_RE})}</td>
          </tr>
          
            <tr valign='top'>
              <td>&nbsp;</td>
              <td colspan="2" class="attr-desc"></td>
            </tr>
          
        
      </table>
    


    


    <!-- Methods -->
    
      <div class="sectiontitle">Class Public methods</div>
      
        <div class="method">
          <div class="title method-title" id="method-c-new">
            
              <b>new</b>(env)
            
            <a href="FilterParameters.html#method-c-new" name="method-c-new" class="permalink">Link</a>
          </div>
          
          
            <div class="description">
              
            </div>
          
          
          
          
          
            
            <div class="sourcecode">
              
              <p class="source-link">
                Source: 
                <a href="javascript:toggleSource('method-c-new_source')" id="l_method-c-new_source">show</a>
                
                  | <a href="https://github.com/rails/rails/blob/8ae9b4623e16f28c7954edcd89fbab2bba99b334/actionpack/lib/action_dispatch/http/filter_parameters.rb#L28" target="_blank" class="github_url">on GitHub</a>
                
              </p>
              <div id="method-c-new_source" class="dyn-source">
                <pre><span class="ruby-comment"># File actionpack/lib/action_dispatch/http/filter_parameters.rb, line 28</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword ruby-title">initialize</span>(<span class="ruby-identifier">env</span>)
  <span class="ruby-keyword">super</span>
  <span class="ruby-ivar">@filtered_parameters</span> = <span class="ruby-keyword">nil</span>
  <span class="ruby-ivar">@filtered_env</span>        = <span class="ruby-keyword">nil</span>
  <span class="ruby-ivar">@filtered_path</span>       = <span class="ruby-keyword">nil</span>
<span class="ruby-keyword">end</span></pre>
              </div>
            </div>
            
          </div>
                  
      <div class="sectiontitle">Instance Public methods</div>
      
        <div class="method">
          <div class="title method-title" id="method-i-filtered_env">
            
              <b>filtered_env</b>()
            
            <a href="FilterParameters.html#method-i-filtered_env" name="method-i-filtered_env" class="permalink">Link</a>
          </div>
          
          
            <div class="description">
              <p>Return a hash of request.env with all sensitive data replaced.</p>
            </div>
          
          
          
          
          
            
            <div class="sourcecode">
              
              <p class="source-link">
                Source: 
                <a href="javascript:toggleSource('method-i-filtered_env_source')" id="l_method-i-filtered_env_source">show</a>
                
                  | <a href="https://github.com/rails/rails/blob/8ae9b4623e16f28c7954edcd89fbab2bba99b334/actionpack/lib/action_dispatch/http/filter_parameters.rb#L41" target="_blank" class="github_url">on GitHub</a>
                
              </p>
              <div id="method-i-filtered_env_source" class="dyn-source">
                <pre><span class="ruby-comment"># File actionpack/lib/action_dispatch/http/filter_parameters.rb, line 41</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword ruby-title">filtered_env</span>
  <span class="ruby-ivar">@filtered_env</span> <span class="ruby-operator">||=</span> <span class="ruby-identifier">env_filter</span>.<span class="ruby-identifier">filter</span>(<span class="ruby-ivar">@env</span>)
<span class="ruby-keyword">end</span></pre>
              </div>
            </div>
            
          </div>
        
        <div class="method">
          <div class="title method-title" id="method-i-filtered_parameters">
            
              <b>filtered_parameters</b>()
            
            <a href="FilterParameters.html#method-i-filtered_parameters" name="method-i-filtered_parameters" class="permalink">Link</a>
          </div>
          
          
            <div class="description">
              <p>Return a hash of parameters with all sensitive data replaced.</p>
            </div>
          
          
          
          
          
            
            <div class="sourcecode">
              
              <p class="source-link">
                Source: 
                <a href="javascript:toggleSource('method-i-filtered_parameters_source')" id="l_method-i-filtered_parameters_source">show</a>
                
                  | <a href="https://github.com/rails/rails/blob/8ae9b4623e16f28c7954edcd89fbab2bba99b334/actionpack/lib/action_dispatch/http/filter_parameters.rb#L36" target="_blank" class="github_url">on GitHub</a>
                
              </p>
              <div id="method-i-filtered_parameters_source" class="dyn-source">
                <pre><span class="ruby-comment"># File actionpack/lib/action_dispatch/http/filter_parameters.rb, line 36</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword ruby-title">filtered_parameters</span>
  <span class="ruby-ivar">@filtered_parameters</span> <span class="ruby-operator">||=</span> <span class="ruby-identifier">parameter_filter</span>.<span class="ruby-identifier">filter</span>(<span class="ruby-identifier">parameters</span>)
<span class="ruby-keyword">end</span></pre>
              </div>
            </div>
            
          </div>
        
        <div class="method">
          <div class="title method-title" id="method-i-filtered_path">
            
              <b>filtered_path</b>()
            
            <a href="FilterParameters.html#method-i-filtered_path" name="method-i-filtered_path" class="permalink">Link</a>
          </div>
          
          
            <div class="description">
              <p>Reconstructed a path with all sensitive GET parameters replaced.</p>
            </div>
          
          
          
          
          
            
            <div class="sourcecode">
              
              <p class="source-link">
                Source: 
                <a href="javascript:toggleSource('method-i-filtered_path_source')" id="l_method-i-filtered_path_source">show</a>
                
                  | <a href="https://github.com/rails/rails/blob/8ae9b4623e16f28c7954edcd89fbab2bba99b334/actionpack/lib/action_dispatch/http/filter_parameters.rb#L46" target="_blank" class="github_url">on GitHub</a>
                
              </p>
              <div id="method-i-filtered_path_source" class="dyn-source">
                <pre><span class="ruby-comment"># File actionpack/lib/action_dispatch/http/filter_parameters.rb, line 46</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword ruby-title">filtered_path</span>
  <span class="ruby-ivar">@filtered_path</span> <span class="ruby-operator">||=</span> <span class="ruby-identifier">query_string</span>.<span class="ruby-identifier">empty?</span> <span class="ruby-operator">?</span> <span class="ruby-identifier">path</span> <span class="ruby-operator">:</span> <span class="ruby-node">&quot;#{path}?#{filtered_query_string}&quot;</span>
<span class="ruby-keyword">end</span></pre>
              </div>
            </div>
            
          </div>
              
      <div class="sectiontitle">Instance Protected methods</div>
      
        <div class="method">
          <div class="title method-title" id="method-i-env_filter">
            
              <b>env_filter</b>()
            
            <a href="FilterParameters.html#method-i-env_filter" name="method-i-env_filter" class="permalink">Link</a>
          </div>
          
          
            <div class="description">
              
            </div>
          
          
          
          
          
            
            <div class="sourcecode">
              
              <p class="source-link">
                Source: 
                <a href="javascript:toggleSource('method-i-env_filter_source')" id="l_method-i-env_filter_source">show</a>
                
                  | <a href="https://github.com/rails/rails/blob/8ae9b4623e16f28c7954edcd89fbab2bba99b334/actionpack/lib/action_dispatch/http/filter_parameters.rb#L58" target="_blank" class="github_url">on GitHub</a>
                
              </p>
              <div id="method-i-env_filter_source" class="dyn-source">
                <pre><span class="ruby-comment"># File actionpack/lib/action_dispatch/http/filter_parameters.rb, line 58</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword ruby-title">env_filter</span>
  <span class="ruby-identifier">user_key</span> = <span class="ruby-ivar">@env</span>.<span class="ruby-identifier">fetch</span>(<span class="ruby-string">&quot;action_dispatch.parameter_filter&quot;</span>) {
    <span class="ruby-keyword">return</span> <span class="ruby-constant">NULL_ENV_FILTER</span>
  }
  <span class="ruby-identifier">parameter_filter_for</span>(<span class="ruby-constant">Array</span>(<span class="ruby-identifier">user_key</span>) <span class="ruby-operator">+</span> <span class="ruby-constant">ENV_MATCH</span>)
<span class="ruby-keyword">end</span></pre>
              </div>
            </div>
            
          </div>
        
        <div class="method">
          <div class="title method-title" id="method-i-filtered_query_string">
            
              <b>filtered_query_string</b>()
            
            <a href="FilterParameters.html#method-i-filtered_query_string" name="method-i-filtered_query_string" class="permalink">Link</a>
          </div>
          
          
            <div class="description">
              
            </div>
          
          
          
          
          
            
            <div class="sourcecode">
              
              <p class="source-link">
                Source: 
                <a href="javascript:toggleSource('method-i-filtered_query_string_source')" id="l_method-i-filtered_query_string_source">show</a>
                
                  | <a href="https://github.com/rails/rails/blob/8ae9b4623e16f28c7954edcd89fbab2bba99b334/actionpack/lib/action_dispatch/http/filter_parameters.rb#L71" target="_blank" class="github_url">on GitHub</a>
                
              </p>
              <div id="method-i-filtered_query_string_source" class="dyn-source">
                <pre><span class="ruby-comment"># File actionpack/lib/action_dispatch/http/filter_parameters.rb, line 71</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword ruby-title">filtered_query_string</span>
  <span class="ruby-identifier">query_string</span>.<span class="ruby-identifier">gsub</span>(<span class="ruby-constant">PAIR_RE</span>) <span class="ruby-keyword">do</span> <span class="ruby-operator">|</span><span class="ruby-identifier">_</span><span class="ruby-operator">|</span>
    <span class="ruby-identifier">parameter_filter</span>.<span class="ruby-identifier">filter</span>([[<span class="ruby-node">$1</span>, <span class="ruby-node">$2</span>]]).<span class="ruby-identifier">first</span>.<span class="ruby-identifier">join</span>(<span class="ruby-string">&quot;=&quot;</span>)
  <span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span></pre>
              </div>
            </div>
            
          </div>
        
        <div class="method">
          <div class="title method-title" id="method-i-parameter_filter">
            
              <b>parameter_filter</b>()
            
            <a href="FilterParameters.html#method-i-parameter_filter" name="method-i-parameter_filter" class="permalink">Link</a>
          </div>
          
          
            <div class="description">
              
            </div>
          
          
          
          
          
            
            <div class="sourcecode">
              
              <p class="source-link">
                Source: 
                <a href="javascript:toggleSource('method-i-parameter_filter_source')" id="l_method-i-parameter_filter_source">show</a>
                
                  | <a href="https://github.com/rails/rails/blob/8ae9b4623e16f28c7954edcd89fbab2bba99b334/actionpack/lib/action_dispatch/http/filter_parameters.rb#L52" target="_blank" class="github_url">on GitHub</a>
                
              </p>
              <div id="method-i-parameter_filter_source" class="dyn-source">
                <pre><span class="ruby-comment"># File actionpack/lib/action_dispatch/http/filter_parameters.rb, line 52</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword ruby-title">parameter_filter</span>
  <span class="ruby-identifier">parameter_filter_for</span> <span class="ruby-ivar">@env</span>.<span class="ruby-identifier">fetch</span>(<span class="ruby-string">&quot;action_dispatch.parameter_filter&quot;</span>) {
    <span class="ruby-keyword">return</span> <span class="ruby-constant">NULL_PARAM_FILTER</span>
  }
<span class="ruby-keyword">end</span></pre>
              </div>
            </div>
            
          </div>
        
        <div class="method">
          <div class="title method-title" id="method-i-parameter_filter_for">
            
              <b>parameter_filter_for</b>(filters)
            
            <a href="FilterParameters.html#method-i-parameter_filter_for" name="method-i-parameter_filter_for" class="permalink">Link</a>
          </div>
          
          
            <div class="description">
              
            </div>
          
          
          
          
          
            
            <div class="sourcecode">
              
              <p class="source-link">
                Source: 
                <a href="javascript:toggleSource('method-i-parameter_filter_for_source')" id="l_method-i-parameter_filter_for_source">show</a>
                
                  | <a href="https://github.com/rails/rails/blob/8ae9b4623e16f28c7954edcd89fbab2bba99b334/actionpack/lib/action_dispatch/http/filter_parameters.rb#L65" target="_blank" class="github_url">on GitHub</a>
                
              </p>
              <div id="method-i-parameter_filter_for_source" class="dyn-source">
                <pre><span class="ruby-comment"># File actionpack/lib/action_dispatch/http/filter_parameters.rb, line 65</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword ruby-title">parameter_filter_for</span>(<span class="ruby-identifier">filters</span>)
  <span class="ruby-constant">ParameterFilter</span>.<span class="ruby-identifier">new</span>(<span class="ruby-identifier">filters</span>)
<span class="ruby-keyword">end</span></pre>
              </div>
            </div>
            
          </div>
                    </div>

    </div>
  </body>
</html>    